Reputation: 6506
I've setup a new blob storage account on my Azure account and configured it to allow CORS using the following configurations:
serviceProperties.Cors = new CorsProperties();
serviceProperties.Cors.CorsRules.Add(new CorsRule()
{
AllowedHeaders = new List<string>() { "*" },
AllowedMethods = CorsHttpMethods.Put | CorsHttpMethods.Get | CorsHttpMethods.Head | CorsHttpMethods.Post | CorsHttpMethods.Delete,
AllowedOrigins = new List<string>() { "*" },
ExposedHeaders = new List<string>() { "*" },
MaxAgeInSeconds = 1800 // 30 minutes
});
And yet I still get the following error from my js code:
Origin <MY-SITE-URL> not found in Access-Control-Allow-Origin header
Looking on the response headers of the image, I see:
Access-Control-Allow-Origin: *
So why doesn't it work?
Upvotes: 2
Views: 2358
Reputation: 316
Are you setting the withCredentials property on the xmlhttprequest to true? If yes the browser will reject wildcard Access-Control-Allow-Origin.
Check out the following links for more helpful information:
Azure storage CORS returns origin wildcard and fails in browser
https://msdn.microsoft.com/en-us/library/azure/dn535601.aspx
Upvotes: 1